I'd like to have a better understanding of how sandboxing and multiprocess work.

First, is multiprocess and sandboxing actively supported?
Is Servo tested with the "-M -S" options?
What's the status of the sandbox?
Is there any reasons for these options to not be turned on by default?
Do we want to enable "-M -S" for browserhtml? Would that help?

I'd like to understand what is not part of the sandboxed content process.
I guess compositor code and anything GPU and window related is not
sandboxed so it runs in the main process.
How does a sync call to localStorage work in a sandboxed process?
Where is networking code executed?

I'm trying to understand the relation between a constellation, iframes
and a sandboxed process. I would naively expect to have one process
per constellation, but apparently, it's one process per iframe. If I'm
not mistaken, today in browserhtml, we have only one constellation. I
imagine in the future there would be one sandboxed process per
constellation, one constellation per group of tabs of the same domain,
and one constellation for browserhtml.

Thanks.

-- Paul
_______________________________________________
dev-servo mailing list
dev-servo@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-servo

Reply via email to